package com.example.springsecuritydemo2.controller;

import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.*;

@RestController
@RequestMapping("/news")
public class NewsController {
    @GetMapping
    @PreAuthorize("hasAnyAuthority('sys:news:select')")
    public String getNews(){
        return "新闻列表";
    }

    @PostMapping
    @PreAuthorize("hasAnyAuthority('sys:news:add')")
    public String addNews(){
        return "添加新闻";
    }

    @PutMapping
    @PreAuthorize("hasAnyAuthority('sys:news:update')")
    public String updateNews(){
        return "修改新闻";
    }

    @DeleteMapping
    @PreAuthorize("hasAnyAuthority('sys:news:delete')")
    public String deleteNews(){
        return "删除新闻";
    }
}
